The Metaverse needs to keep privacy in mind to avoid Meta’s mistakes

Metaverse skeptics fear the prospect of unprotected data and large-scale user surveillance on an unprecedented scale. Ironically, the biggest company powering the Metaverse, Meta (formerly known as Facebook), has faced its fair share of privacy scandals on the internet’s current iteration, culminating in Mark Zuckerberg being dragged before the United States Congress to accountable for Facebook’s inability to combat hate speech and privacy violations.

In a US Senate committee hearing, whistleblower Frances Haugen accused Meta of “putting profit before the welfare of children and all users” when it came to developing manipulative algorithms that use behavioral data to convince users to spend more time to spend on the platform.


The controversy hasn’t diminished Facebook’s popularity, but the anti-surveillance public zeitgeist offers lessons for Metaverse developers trying to fix many of Web2’s problems. The young space can implement systems that give users full transparency on how the systems collect and use user data and what data is collected. By emphasizing privacy and assuring users that their data will not be used against them, smaller Metaverse companies gain a unique selling proposition and even an advantage over any big tech companies looking to get into the Metaverse, including Meta.

Related: A letter to Zuckerberg: The Metaverse isn’t what you think it is

Privacy issues in the Metaverse

Metaverse avatars are a conglomeration of all topics related to data protection in the digital realm. As a user’s gateway to all Metaverse interactions, they can also offer platforms a lot of personal data to collect, especially if their tech stack includes biometrics, like tracking users’ facial features and expressions for the avatar’s own emotes.

The risk of someone hacking biometrics is much scarier than hacking shopping preferences. Biometric data is often used as an additional security measure, e.g. B. when you authorize the payment on your phone with your fingerprint. Imagine someone stealing your fingerprints and draining your card with a series of transfers. Such violations are not uncommon: in 2019, hackers got hold of the biometric data of 28 million people.

It’s scary to think about what traditional digital marketing might look like in the Metaverse. Have you ever bought shoes online and suddenly noticed that your Facebook is filled with ads for similar shoes? That’s because advertisers use both cookies and your IP address to personalize their ads. Imagine if advertisers not only had access to your shopping preferences, but also to your biological data. Marketers would pay dearly for a set of your facial expressions captured during a visit to a Metaverse mall, and Big Tech knows it all too well.

Related: Browser cookies are not consent: The new way to data protection according to the EU data protection regulation fails

And this is exactly where smaller Metaverse developers have an advantage over large corporations like Meta. Privacy will be a major concern for anyone looking to join the Metaverse, and when they grapple with Meta’s history of poor data usage, newer developers need to emphasize privacy as their main selling point. But how?

Ensuring privacy for vulnerable consumers

The Metaverse is our chance to build a better, more private digital reality that protects individuals from government and corporate abuse. Therefore, developers should approach the construction of the metaverse architecture with this in mind. Clear communication with users about data policies and preferences should be built into this architecture to ensure they only share their data when they really want to, and not when protected by disclaimers hidden in pages of legal jargon. be tempted to do so.


Just as many websites today have more effective controls that allow users to opt out of data sharing, Metaverse projects should have clear ways for users to protect their data, biometric or not. And the key is to emphasize those elements from the start.

Biometric data, whether facial tracking for avatar emotes or fingerprints used as the basis for a cryptographic key pair, needs special protection. Accessing such data isn’t the same as knowing a person’s food preferences — it’s literally the key to everyone’s biological information. To protect this information on the Metaverse, developers should normalize the use of digital biometrics-based IDs powered by blockchain. Biometric data can serve as the cryptographic basis for generating a public/private key pair. These keys would serve as proof of identity on a network, allowing their holders to log out and receive transactions. Activating a digital ID rooted in a key pair provides a more secure and protected identity that is nearly impossible to hack.

Another important way to protect consumers is to ensure their data is encrypted and anonymized. Do not cut corners. Make sure you are effectively communicating to your customers that their privacy is their top priority and that they are in control of what is shared. The Metaverse can be a scary place for users if they don’t know what their data is being used for.


They say that the journey of a thousand miles begins with a single step, and for Metaverse developers, that first step will be critical. For the Metaverse to reach mainstream audiences, people need to feel comfortable sharing their data. The privacy issue is no joke for Metaverse users, and Metaverse developers need to keep this in mind to have an advantage over big companies – and more importantly, to shape the internet of the future. The state of everyone’s privacy depends on it.

This article does not contain any investment advice or recommendation. Every investment and trading move involves risk and readers should do their own research when making a decision.

The views, thoughts, and opinions expressed herein are solely those of the author and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Daniele Marinelli is CEO and founder of DTSocialize Holding. Previously a consultant and chartered accountant, he is also a member of the Italian National Council for Economy and Labor and enrolled in the National Taxation Institute. In 2010 Daniele started to deal with digital assets and the technologies behind them. Soon after, he decided to create an ecosystem where members of the DT community could use a single digital ID to access, interact, connect, shop and monetize modern financial services while protecting their privacy.